CASB version 3.154 released limited support for the GitHub CLI.

CASB techdoc describes what GitHub activity is supported by GitHub CLI and what is only support via web.

The following are known limitations:

• Github needs to be configured to use a Windows certificate store (git config --global http.sslbackend schannel)
• Filenames are not available for upload/download events, repository names are available instead.
• Access Enforcement policy doesn't work well for Session-Auth due to client caching tokens. But, would work for upload/download activities.
• Cloud Service username is not available and falls back to CloudSOC user.
• DLP scan doesn't work for most scenarios due to upload/download being encrypted

OA Pair Details

• OA Pair – Session -Auth
  • Login:
    • Command : gh auth login --with-token < token.txt
      • User Name not available
    • Command: gh auth login
  • Logout:
    • Command: gh auth logout
      • Display Auth info
        Command: gh auth status 
        Since the traffic for this command matches with login/logout , performing this activity also generates Session-Auth OA

• OA Pair – File/Folder Download
  • Gist Clone:
    • Command: gh gist clone  ################
      Commnad: gh gist clone Repo Clone:
      Command: gh repo clone Owner/repo
  • Git pull: file/folder download
    • Command: git pull 
  • git clone:
    • Command: git clone https://github.com/<repository>/<file name>
  • git fetch:
    • Command git fetch –-all
  • gh repo sync : Download
    • Command: gh repo sync keep new file in github.com repo then do sync
  • OA Pair – File-Upload
    • Gist Create:
      Command: gh gist create --public hello.py
      Command: gh gist create hello.py -d "my Hello-World program in Python"
      Command: gh gist create hello.py world.py cool.txt
  • OA Pair – File/Folder-Upload
    • Git Push: file/folder upload verify it must
      • Command: git push